25
R-C-D
6y

Hey hackers! It's me again 😀

If I wanna be an awesome pentester / bug hunter , what should be my main focus?
Network?
Data sciense?
Algorythm?
Low level programming?

I've already passed network + and basics of ccna and I already know pentesting using kali and I know c and python as well.
Just not sure where to go next and keep using kali packages makes me feel like a script kiddie (which is aweful 😬)

Dreaming to be able to write my own exploits and have my own 0day bugs👑

Thanks for any recommandation you would

Comments
  • 15
    Social engineering.
  • 5
    As like QA? @Floydian breaks stuff
  • 2
    @devTea @CodePatronus
    Do you break stuff?
  • 4
    Nope, at least I didn’t do that for a living
  • 2
    @Floydian
    Help me ! 😀
  • 2
    @CodePatronus how many floydians?
  • 2
    @CodePatronus
    @Floydian
    @Floydian
  • 2
    @CodePatronus how is this poosible?
  • 2
    @CodePatronus they brok into dev rant??
  • 2
    @CodePatronus we rule the world! 💪
  • 2
    @CodePatronus what did you do?
    You created both flaydians?
  • 2
    @CodePatronus then you are the one I'm looking for!
  • 2
    @CodePatronus cool man !!!!
    Tell me! Where to go? What to read ? Did you broke into NSA?
  • 1
    @CodePatronus come on ! If it is not a hack what is this?
  • 1
    @CodePatronus you are just humble aren't you?
  • 0
    @CodePatronus yesss!
    U R a hacker !
    Capital i = I
    small l = l

    Yessss!!!
  • 0
    @CodePatronus many urls can be faked using this method then 😀

    Happy phishing !
  • 0
    @CodePatronus
    I
    l
    |
    Three different chars!
  • 0
    @CodePatronus oh crap 😞
  • 0
    @ceee i thought it was u who posted this rant before opening it
  • 0
    @Floydian help me then 😀
  • 1
    @Floydian thanks! 😀
  • 2
    @SukMikeHok nah 😅
  • 1
    Learn operating systems and protocols back and forth. Can't exploit any system unless you understand exactly how it works.
  • 0
    @segfault0xff windows , linux or both?
  • 1
    @R1100 probably windows, since most of enterprise uses Microsoft. But the low level concepts are more important than a specific operating system. I'd recommend some system programming at the same time, that helps cement that knowledge.
  • 0
    @segfault0xff thanks 😊
  • 0
    @R1100 no prob!
  • 0
    @segfault0xff i have a question
    Win is closed source so you meant mastering using it?
  • 1
    Data sciense.. Algorythm.. lotsa crinse :')

    That being said, I've mentioned it in the other rant as well. Curiosity! Curiosity about the inner parts of whatever you can get your dick beaters on. Take a peep under the skirt, and see how she works. First time is always scary.. all alone, in the dark.. but once you get the hang of it, it'll become much more familiar. Also there's no shortcuts. To really become good at your craft, there's only the hard and proper way. Oh and refrain from cringe posting about this or that hack. If you're only in it for breaking into shit from others, I can not help you and do not have a desire to do so. If however you're looking to learn, start by setting up a lab environment if you haven't done so already, and have a look on Null Byte for some things you can do in the lab. I'd put in this lab some WanBLowS target VM, Metasploitable perhaps for learning how certain tools work, and another pentesting VM that you'll be conducting your attacks from. From there on, it'll probably grow over time. Using a separate network and bridging the VM's connections may also be helpful.. but that requires networking experience and a dedicated virtualization host of course. Something like Proxmox.

    Edit: whoops, didn't read the whole post. Exploits, hmm.. well reading the source code of existing ones helps, and looking for vulnerabilities in the programs you're looking to write an exploit for. I'd say low level programming languages, particularly C as well as Assembly for reverse engineering.
  • 1
    @Condor yess !
    I've got a small homemade lab of different os and perform my attacks from a kali systems.
    But still only usy scripts written by others and that is what really bothers
  • 1
    Oh and vulnerability disclosures! Take BlueBorne for example, excellent paper but no public exploits have been written for it so far.
  • 1
    @Condor you think I can do it ?
  • 1
    @R1100 Well yeah, I'd be bothered by that as well :P
    If you want to write your own scripts, maybe you'll want to look at what they use under the hood.. TCP sockets, certain algorithms to generate wordlists, you get the idea. Take ncat or even plain nc which is the little brother of nmap. You can write your own scanning scripts for that, to e.g. look only for certain ports to reduce your reconnaissance footprint. Things like that maybe. Python and Bash are good languages for quick and dirty scripts like that.
  • 1
    @R1100 Of course! You'd be surprised how simple yet overengineered some stuff out there is.
  • 1
    @Condor thanks !
    I'll get to it and finally make my hands dirty
  • 1
    @R1100 windows administration specifically.
  • 1
    Why not everything?
  • 1
    @rupeshx because specialists make more than generalists.
Add Comment